[pacman-dev] [ Package Signing ] Your signature please

Pierre Schmitz pierre at archlinux.de
Sat Feb 19 04:25:38 EST 2011

On Sat, 19 Feb 2011 17:35:21 +1000, Allan McRae wrote:
> I will repeat myself again...  Patches for pacman do bugger all for
> getting signatures into Arch Linux repos.   Patches for the Arch Linux
> devtools/db-scripts packages are needed.

To be honest, I don't think it's worth to work on patches for devtools
dbscripts right now. I'd prefer to be pointed at some documents which
describe exactly the wrokflow to sign a package with makepkg, upload it,
add it to a db, update, replace and delete it.

Once there is a version of pacman which supports signed packages I can
start implementing these ideas.

And last but not least we need to think about key management which is
less technical but very important.



Pierre Schmitz, https://users.archlinux.de/~pierre

More information about the pacman-dev mailing list